Re: setuid scripts in SunOS 4.1.x

Peter Jeremy (jeremyp@gsms01.alcatel.oz.au)
Thu, 22 Sep 94 16:05:46 EST

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paul O'Donnell: "Re: setuid scripts in SunOS 4.1.x"
Previous message: Richard Huddleston: "Re: setuid scripts in SunOS 4.1.x"
Maybe in reply to: Peter Jeremy: "setuid scripts in SunOS 4.1.x"
Next in thread: *Hobbit*: "Re: setuid scripts in SunOS 4.1.x"

Judging by the responses I have received to my earlier question about
setuid scripts, it seems my question was unclear.

I am aware that setuid shell scripts are insecure and tools like perl
and/or wrapper programs avoid (most of) the security holes.  I don't
use any setuid shell scripts and don't intend to.

What I would like to do is to _prevent_ any shell scripts that acquire
setuid (or setgid) privileges from executing with those privileges.  I
thought I'd seen a procedure somewhere to patch SunOS 4.1.x, but can't
locate it now.
---
Peter Jeremy (VK2PJ)			peter@titan.alcatel.oz.au
Alcatel Australia Limited		jeremyp@gsms01.alcatel.oz.au
41 Mandible St				Phone: +61 2 690 5019
ALEXANDRIA  NSW  2015			Fax:   +61 2 690 5247

Next message: Paul O'Donnell: "Re: setuid scripts in SunOS 4.1.x"
Previous message: Richard Huddleston: "Re: setuid scripts in SunOS 4.1.x"
Maybe in reply to: Peter Jeremy: "setuid scripts in SunOS 4.1.x"
Next in thread: *Hobbit*: "Re: setuid scripts in SunOS 4.1.x"